Changes in UserGate Log Analyzer 7

UserGate Log Analyzer 7.3.1 (build 7.3.1.149025R, 01.05.2025).

Сhanges in new version:

  • [SUM-16219] Fixed security issue which allowed path traversal on NGFW platform in some cases.
  • [SUM-16644] Optimized CPU consumption on platforms with large numbers of cores.
  • [SUM-17023] Fixed issue with inability to install offline update.
  • [SUM-17063] Fixed vulnerability, which allowed remote code execution on UGOS via specially formatted CLI request.

UserGate Log Analyzer 7.2.2 (build 7.2.2.149026R, 01.05.2025).

Сhanges in new version:

  • [SUM-16219] Fixed security issue which allowed path traversal on NGFW platform in some cases.
  • [SUM-16541] Fixed security issue which allows to highjack remote assistant connection.
  • [SUM-17063] Fixed vulnerability, which allowed remote code execution on UGOS via specially formatted CLI request.

UserGate Log Analyzer 7.3.0 (build 7.3.0.123359R, 19.03.2025).

Сhanges in new version:

  • [SUM-12538] Fixed import/export of configuration containing VLAN on bond type interfaces.
  • [SUM-13565] Fixed port assignment in LogAn appliances.
  • [SUM-13970] Optimized work with a large number of vlan type interfaces (more than 2000).
  • [SUM-14275] Fixed a bug causing the radius authentication method to not work after updating the version.
  • [SUM-15253] Fixed security issue, which allowed to run arbitrary command at OS level if administrative access to the web-console is granted.
  • [SUM-4859] Added the ability to create a failover cluster for SIEM (active-passive). Added a new cluster node type Arbitrator, which ensures data consistency.

UserGate Log Analyzer 7.2.1 (build 7.2.1.115866R, 04.03.2025).

Сhanges in new version:

  • [SUM-15253] Fixed a vulnerability that allowed root access to the system.
  • [SUM-10186] Added the ability to use category URL lists in search queries in analytics and search.
  • [SUM-10188] Added the ability to use application lists in search queries in analytics and search.
  • [SUM-11415] Fixed inability to remove UserGate sensor.
  • [SUM-12538] Fixed import/export of configuration containing VLAN on bond type interfaces.
  • [SUM-12938] Added a library of custom log normalization rules.
  • [SUM-13565] Fixed port assignment in LogAn appliances.
  • [SUM-13970] Optimized work with a large number of vlan type interfaces (more than 2000).
  • [SUM-14275] Fixed a bug causing the radius authentication method to not work after updating the version.
  • [SUM-4859] Added the ability to create a fault-tolerance cluster for LogAn (active-passive). Added a new cluster node type Arbitrator, which ensures data consistency.
  • [SUM-14595] Added the ability to create a failover cluster for UserID when deploying to LogAn (active-passive).

UserGate Log Analyzer 7.2.0 (build 7.2.0.76784R, 16.12.2024).

Сhanges in new version:

  • [SUM-10183] Added the ability to use the userаgent, mime, url fields in search queries.
  • [SUM-10184] Added the ability to use lists of IP addresses in search queries in analytics and search.
  • [SUM-10195] Fixed the report generator.
  • [SUM-11104] Fixed display of the 'source IP' field in web access logs.
  • [SUM-11275] Fixed the web interface in the 'SOC' tab.
  • [SUM-11848] Fixed error in report generation if sorting is not specified in the custom report template.
  • [SUM-11952] Fixed the mechanism for updating updatable lists.
  • [SUM-12848] Fixed problem with missing some users logins in UserID, if it is running on LogAn server.
  • [SUM-12849] Fixed problem with connecting NGFW to UserGate LogAn 7.2.0.
  • [SUM-12920] Fixed problem with console hangs while changing existing UserID connector.

UserGate Log Analyzer 7.2.0 (build 7.2.0.60375R, 07.11.2024).Revoked.

Сhanges in new version:

  • [SUM-10183] Added the ability to use the userаgent, mime, url fields in search queries.
  • [SUM-10184] Added the ability to use lists of IP addresses in search queries in analytics and search.
  • [SUM-10195] Fixed the report generator.
  • [SUM-11104] Fixed display of the 'source IP' field in web access logs.
  • [SUM-11275] Fixed the web interface in the 'SOC' tab.
  • [SUM-11848] Fixed error in report generation if sorting is not specified in the custom report template.
  • [SUM-11952] Fixed the mechanism for updating updatable lists.

UserGate Log Analyzer 7.1.2 (build 7.1.2.33025R, 27.08.2024).

Сhanges in new version:

  • [SUM-10047] Fixed display of RAID information in desktop widgets and CLI.
  • [SUM-10542] Added the ability to transfer RAID status via SNMP.
  • [SUM-11041] Fixed inability to open the syslog server configuration after an update.
  • [SUM-32] A ban has been introduced on adding interfaces without an assigned IP address to the failover cluster.
  • [SUM-5524] Added the ability to configure the interval for running analytics rules in automatic mode.
  • [SUM-8649] Fixed a bug with administrator rights with a root profile.
  • [SUM-8969] Improved widget rendering.
  • [SUM-9288] Fixed work of cluster nodes with SNMP.
  • [SUM-9682] Added successful device boot events to the event log.

UserGate Log Analyzer 7.1.1 (build 7.1.1.12162R, 24.06.2024).

Сhanges in new version:

  • [SUM-1226] Fixed the mechanism for creating nested lists.
  • [SUM-7675] Fixed display of Cyrillic domains in the event log.
  • [SUM-7679] Fixed incorrect import of analytics rules from YAML if single quotes used in condition filter query.
  • [SUM-7847] Fixed hash display in evidence when creating an incident.
  • [SUM-7964] Fixed SNMPv3 rules synchronization from MC.
  • [SUM-7972] Fixed incorrect displaying of RAM usage on the performance graph in the Dashboard.
  • [SUM-7972] Fixed incorrect displaying of RAM usage on the performance graph in the Dashboard.
  • [SUM-8102] Fixed incorrect display of endpoint process tree.
  • [SUM-8165] Fixed errors in administrator profiles.
  • [SUM-8194] Fixed incorrect displaying of the event log entry when a license with a limit on CPUs activated.
  • [SUM-8258] Fixed errors in displaying endpoints information in CLI.
  • [SUM-8373] Fixed custom report.
  • [SUM-8475] Fixed a bug where the interface type with the 'Configured on the device' flag was not shown.
  • [SUM-8555] Fixed the operation of the sensor changing mechanism.
  • [SUM-8571] Fixed a bug related to deleting notification profiles.
  • [SUM-8588] Fixed creation of report rules.
  • [SUM-8594] Fixed problem with incorrect Admin's permissions assigned via administrator profile.
  • [SUM-8639] Fixed the error of insufficient rights when editing an alert profile.
  • [SUM-8643] Fixed editing email lists in admin alert profile.
  • [SUM-8764] Fixed CLI interaction with disabled Log Analyzer sensors.
  • [SUM-8847] Added radmin setting in CLI.
  • [SUM-8885] Fixed the 'sensor graph' widget.
  • [SUM-8887] Fixed compatibility issues between Log Analyzer v7.1.0 and earlier NGFWs.
  • [SUM-9160] Fixed the displaying event log entries about administrators setting update.

UserGate Log Analyzer 7.0.1 (HotFix build 7.0.1.1052R, 10.06.2024).

Сhanges in new version:

  • Technical release. No changes.

UserGate Log Analyzer 7.0.1 (build 7.0.1.1051R, 08.04.2024).

Сhanges in new version:

  • Technical release. No changes.

UserGate Log Analyzer 7.1.0 (build 7.1.0.1704R, 02.04.2024).

Сhanges in new version:

  • [SUM-3222] Added the ability to automatically respond to security incidents by sending a command to the end device.
  • [SUM-3265] Added the ability to set the Management Center and LogAnalyzer/SIEM address using FQDN.
  • [SUM-3444] Added the ability to view the full disk size and configure the storage period for event logs.
  • [SUM-4313] Added support for UserGate LogAn devices for centralized management.
  • [SUM-4499] Added custom normalization of endpoint and Syslog event log entries.
  • [SUM-4855] Added SIEM (Security Information and Event Management) functionality.
  • [SUM-4855] Added IRP (Incident Response Platform) functionality.
  • [SUM-4855] Added separation of UserGate Log Analyzer roles into Log Collector and SIEM.
  • [SUM-4872] Added the ability to use data received from end devices when building an overall picture of the security situation in an enterprise, and to correlate data with other data sources.
  • [SUM-4872] Added support for end devices with UserGate Client software installed as a source of information. Added receiving telemetric information from end devices (loading resources, lists of running processes and services), Windows logs, and other essential information about the security of end devices.
  • [SUM-6755] Added possibilities for presenting information (drill downs, convenient creation of filters for displaying information) in logs and in the Dashboard.

UserGate Log Analyzer 7.0.1 (build 7.0.1.1022R, 04.12.2023).

Сhanges in new version:

  • [UGDNS-21315] Fixed a bug in the ARM version update mechanism, which could lead to the device not working.

UserGate Log Analyzer 7.1.0 (Release Candidat build 7.0.1.1605R, 16/11/2023).

Сhanges in new version:

  • [UGDNS-9695 ] Improved search for rules using ipSource, ipDest and user filters.
  • [UGDNS-11377] Added the ability to automatically respond to security incidents by sending a command to the end device.
  • [UGDNS-12561] Added the ability to use data obtained from end devices when building an overall picture of the security state of the enterprise, and correlate data with other data sources.
  • [UGDNS-12590] Added retrieval of end device telemetry information (resource loading, lists of running processes and services), Windows logs, and other essential information about end device security.
  • [UGDNS-13013] Added support for end devices with UserGate Client software installed as an information source.
  • [UGDNS-13347] Added a timer to automatically close the admin session.
  • [UGDNS-15397] Added dark interface theme.
  • [UGDNS-15517] Added UserID functionality for transparent authentication using Active Directory and Syslog logs.
  • [UGDNS-15896] The process of adding analytics rule triggers to an incident has been optimized when the response action is set to create an incident.
  • [UGDNS-16544] Added custom normalization of endpoint and Syslog event log entries.
  • [UGDNS-16687] Added an Alias field in the interface properties for working with SNMP.
  • [UGDNS-17157] Added the ability to add pcap files to incident attachments.
  • [UGDNS-17216] Added the ability to monitor access to DNS servers via API.
  • [UGDNS-17881] Added support for SHA-2 family hashing algorithms for SNMP manager authentication.
  • [UGDNS-18093] Added the ability to add sections to favorites and display only these sections in the web interface.
  • [UGDNS-18146] Added the ability to receive Unix system events via TCP and UDP protocols simultaneously.
  • [UGDNS-18674] Added display of notifications when analytics rules are triggered in the web console.
  • [UGDNS-18775] Enhanced CLI and PMC CLI functionality.
  • [UGDNS-18947] Added filtering of WMI sensors by status.
  • [UGDNS-19552] Added separation of UserGate Log Analyzer roles into Log Collector and SIEM.
  • [UGDNS-19592] New licensing modules have been added that provide access to SIEM functionality and updates to the corresponding libraries.

UserGate Log Analyzer 7.0.1 (hotfix build 7.0.1.1007R, 23/09/2023).

Сhanges in new version:

  • [UGDNS-18036] Fixed error filtering events log entries by user.
  • [UGDNS-20199 ] Fixed bug with offline activation of LogAn and MC.
  • [UGDNS-20298] Improved clock accuracy for the C150 HWA.

UserGate Log Analyzer 7.0.1 (hotfix build 7.0.1.989R, 31/08/2023).

Сhanges in new version:

  • Technical release. No changes.

UserGate Log Analyzer 7.0.1 (hotfix build 7.0.1.949R, 02/08/2023).

Сhanges in new version:

  • Technical release. No changes.

UserGate Log Analyzer 7.0.1 (hotfix build 7.0.1.905R, 05/07/2023).

Сhanges in new version:

  • [UGDNS-18907] Fixed a bug where logging settings may be reset after a reboot.

UserGate Log Analyzer 7.0.1 Release (build 7.0.1.826R, 27/04/2023).

Сhanges in new version:

  • Added SIEM functionality (Security Information and Event Management). UserGate LogAn collects data from different sensors, provides aggregation and correlation of sensitive data and creates security incidents. Action rules provide ability to automatically react for security incidents.
  • Added IRP functionality (Incident Response Platform). UserGate LogAn allows to define the security incidents workflow for a specific company requirements.
  • Absolutely new version of UGOS. Lightweight and specially designed for high loaded purposes.
  • Added support for RestAPI.
  • Added ability for integration with GOSSOPKA.
  • Added various drill-downs in reports, dashboard and monitoring.
  • Added partial support for VMWare tools.
  • New licensing platform.

UserGate Log Analyzer 7.0.0 Release Candidate (build 7.0.0.735RC, 01/09/2022).

New in 7.0.0:

  • Added SIEM functionality (Security Information and Event Management). UserGate LogAn collects data from different sensors, provides aggregation and correlation of sensitive data and creates security incidents. Action rules provide ability to automatically react for security incidents.
  • Added IRP functionality (Incident Response Platform). UserGate LogAn allows to define the security incidents workflow for a specific company requirements.
  • Absolutely new version of UGOS. Lightweight and specially designed for high loaded purposes.
  • Added support for RestAPI.
  • Added ability for integration with GOSSOPKA.
  • Added various drill-downs in reports, dashboard and monitoring.
  • Added partial support for VMWare tools.
  • New licensing platform.